What certs best complement the CISSP? What certs do most CISSPs have?

abnmi

Wonder what everyone's opinion on the questions are.

jonwinterburn

I'm currently studying for CISSP. I have the SSCP, which I took for two reasons: to prepare me for CISSP, and because I'm from a technical background, and SSCP is more technical than CISSP. So I think the two go well together. Moving forward, I aim to gain the CISA. The impression I get is that if you are a CISSP and want to take the management route, the best additional cert is CISM, or if you are taking the audit route, then the best additional cert is CISA. Both CISA and CISM are available from ISACA - https://www.isaca.org (US) https://www.isaca.org.uk (UK).

CyberfiSecurity

Just keep in mind that CISA and CISM are not technical certification. Unless you are into the IT auditing and security risk assesstment, then those certifications are recommended. If you are into the technical I would recommend toward Cisco Security certification; but if you want to stay in the neutral vendors then CEH by ec-council, CCFP by (ISC)2, and GIAC certifications. Also, it is good to have OSCP and/or OSCE.

rob1234

jonwinterburn wrote: »

I'm currently studying for CISSP. I have the SSCP, which I took for two reasons: to prepare me for CISSP, and because I'm from a technical background, and SSCP is more technical than CISSP. So I think the two go well together. Moving forward, I aim to gain the CISA. The impression I get is that if you are a CISSP and want to take the management route, the best additional cert is CISM, or if you are taking the audit route, then the best additional cert is CISA. Both CISA and CISM are available from ISACA - https://www.isaca.org (US) https://www.isaca.org.uk (UK).

ISC2 do not recommend someone holds both the SSCP and CISSP.

Direct quote frrom ISC2:


" Please note that we don’t normally suggest that someone has both the SSCP and CISSP certifications, as they are related to quite different career paths."

JDMurray

Apparently the (ISC)2 doesn't consider that certified individuals can change their career path.

GoodBishop

Typically you see the trifecta of CISSP/CISA/CISM. Though it varies on what they do - could be CISSP/CCNP/CEH, or others.

bill clancy

It depends on what you want to do. In addition to the CISSP, I have a CEH, a CISA, and have passed the exams for CISM and CRISC. I'm slow in doing the paperwork on the last two, because then you have to maintain them with money and CPEs. I'm currently working on OWSAP, and Linux+. So I try to balance technical and management certs. ITIL is good as is 6 sigma, as more large companies are moving towards managed IT.
I've been an ISO, and am currently doing incident response, so I'm kind of all over the map. Just make sure you don't go too far downhill, keep the certs relevant and top shelf. If you want a challenge ISSAP or ISSEP.

abnmi

Thanks bill, i have been looking into the cisa, pmp, and possibly linux+ and oscp.

rcsoar4fun

I have my CISSP. Here in a few weeks I expect to sit for the PMP. My CCIE written just expired, but I will probably take it early next year.

IMHO security and networking go hand in hand, so it helps to have at least some experience there.


I kinda figure with CISSP, PMP and CCIE I shouldn't have too much trouble getting a job...